(12) 



UK Patent Application <„,GB ,,,,2 370 383 ™A 



(43) Date of A Publication 26.06.2002 



(21) Application No 0031428.6 

(22) Date of Filing 22.12.2000 



(71) Applicant(s) 

Hewlett Packard Company 

(Incorporated in USA - Delaware) 

3000 Hanover Street, Palo Alto, California 94304, 

United States of America 

(72) Inventor(s) 

Keith Alexander Harrison 

(74) Agent and/or Address for Service 
Hewlett-Packard Limited 

Intellectual Property Section, Filton Road, Stoke 
Grfford, BRISTOL, BS34 8QZ, United Kingdom 



(51) INT CL 7 

G06F 1/00 

(52) UK CL (Edition T ) 

G4AAAP 

H4L LECCP L207 

(56) Documents Cited 
GB 2341061 A 
WO 00/31608 A2 



GB 2324682 A 
US 5892901 A 



(58) Field of Search 

UK CL (Edition S ) H4L LDDDX LDGX LECCP LECCX 

LED LRCMA LRCMS LRCMX 

INT CL 7 G06F 1/00 , H04Q 7/32 7/38 

ONLINE DATABASES: WPI, EPODOC, JAPIO 



(54) Abstract Title 

Access to personal computer using password stored in mobile phone 

(57) A wireless communication is established between a mobile phone and a PC via a cellular base station. A 
password for accessing the PC is downloaded to the mobile phone and stored in the memory or SIM card. A 
user wishing to access the PC enters their username into the PC. A wireless communication is then established 
between the user's mobile phone and the PC and the stored password is transmitted to the PC. Alternatively 
the user can select a password to be transmitted from a list stored in the mobile phone. Upon receipt of the 
password the PC verifies it and allows the user to log on if the password is correct. The password may be 
encrypted and the method may be implemented using the WAP protocol. The method can be used to 
authenticate a bank transaction using the short message service (SMS). 
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IMPROVEMENTS IN AND RELATING TO COMMUNICATION METHODS , 
COMMUNICATION SYSTEMS AND TO PERSONAL COMMUNICATION 

DEVICES 

The present invention relates to communication methods, 
communication systems and to personal communication 
devices . 

The advance of digital technology has meant that more and 
more transactions and communications are being carried out 
in the digital domain. One of the main concerns of users 
of this technology is that of security. One way in which 
security can be enhanced is by the provision of password 
protection for a user, for instance, to access their 
computer at work or their bank account. In the digital 
domain these passwords can be of a length and complexity 
such that it is impractical for a user to seek to memorise 
them themselves. Typically a digital password will be 16- 
20 bytes in length and random. The problem therefore 
arises of in which location to keep these passwords where 
they can be used and yet also be secure. 

Preferred embodiments of the present invention aim to 
provide a solution to the problem outlined above. 

To solve this problem the present invention proposes that 
secrets (which can include passwords) be kept in a user's 
personal communication device that is configured to 
provide the secret when required to do so. The user can 
have varying degrees of control over the automation of the 
provision of the secret when requested by an external 
source . 
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According to the present invention in a first aspect, 
there is provided a communication method comprising a 
personal communication device, the personal communication 
device comprising a memory in which is stored a secret, 
5 and a digital device capable of communication with the 
personal communication device, the method comprising the 
steps of establishing communication between the personal 
communication device and the digital device, and providing 
the secret from the personal communication device to the 
10 digital device. 

Suitably, the communication established is wireless 
communication . 

15 Suitably, the secret is encrypted in the memory and the 
method includes the step of decrypting the secret. 
Suitably, the secret is encrypted according to a key 
provided by the digital device. 

20 Suitably, the method comprises the step of providing the 
secret to a designated digital device upon a user request . 

Suitably, the method further comprises the steps of the 
digital device requesting a secret from the personal 

25 communication device, the personal communication device 
requesting confirmation from a user that the secret can be 
provided and providing the secret to the digital device 
only if the confirmation is provided by the user. 
Suitably, the confirmation comprises the user providing a 

30 secret. Suitably, the requesting step comprises the 
digital device and the personal communication device 
establishing contact with each other and the personal 
communication device indicating to the user that a request 
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for a secret has been received. Suitably, the indicating 
step comprises providing an audible signal. Suitably, the 
indicating step comprises providing a visual signal. 
Suitably, the requesting step comprises providing to the 
5 user a selection of options of which at least one is to 
approve the request by selecting the relevant option. 

Suitably, the memory stores a plurality of secrets and the 
method further comprises the step of the personal 
10 communication device providing a user with a plurality of 
secrets from which to select the secret to be provided to 
the digital device. 

Suitably, the personal communication device comprises a 
15 cellular communication device. Suitably, the personal 
communication device comprises a cellular telephone for 
voice calls. 

Suitably, the digital device is a non-cellular device. 
20 Suitably, the digital device comprises a modem for 
communication with the personal communication device. 

A secret comprises information for authentication or 
authorisation that the user does not wish to become widely 
25 known. 

According to the present invention in a second aspect, 
there is provided a communication system comprising a 
personal communication device, the personal communication 
30 device comprising a memory in which is stored a secret, 
and a digital device capable of communication with the 
personal communication device, the personal communication 
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device being configured to transmit the secret when 
instructed to do so. 

Suitably, the communication capable of being established 
5 between the personal communication device and the digital 
device is wireless communication. 

Suitably , the secret is encrypted in the memory and the 
digital device is capable of decrypting the secret ♦ 
10 Suitably, the secret is encrypted according to a key 
provided by the digital device. 

Suitably, the personal communication device is configured 
whereby the secret is transmitted to a designated digital 
15 device upon receipt of a user instruction. 

Suitably, the personal communication device is configured 
whereby upon the digital device requesting a secret from 
the personal communication device, the personal 

20 communication device requests confirmation from a user 
that the secret can be provided and provides the secret to 
the digital device only if the confirmation is provided by 
the user. Suitably, the confirmation comprises the user 
providing a secret. Suitably, to request the secret, the 

25 digital device is configured to establish contact with the 
personal communication device and the personal 
communication device is configured to indicate to the user 
that a request for a secret has been received. Suitably, 
the indication comprises providing an audible signal. 

30 Suitably, the indication comprises providing a visual 
signal. Suitably, the personal communication device is 
configured whereby upon receipt of the request the 
personal communication device provides to the user a 
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selection of options of which at least one is to approve 
the request by selecting the relevant option. 

Suitably, the memory stores a plurality of secrets and the 
5 personal communication device is configured to provide a 
user with a plurality of secrets from which to select the 
secret to be provided to the digital device. 

Suitably, the personal communication device comprises a 
10 cellular communication device. Suitably, the personal 
communication device comprises a cellular telephone for 
voice calls. 

Suitably, the digital device is a non-cellular device. 
15 Suitably, the digital device comprises a modem for 
communication with the personal communication device. 

According to the present invention in a third aspect, 
there is provided a personal communication device, the 
20 personal communication device comprising a memory in which 
is stored a secret, the personal communication device 
being configured to transmit the secret to a digital 
device when instructed to do so. 

25 Suitably, the transmission is by wireless communication. 

Suitably, the secret is encrypted in the memory. 
Suitably, the secret is encrypted according to a key 
provided by the digital device. 
30 Suitably, the personal communication device is configured 
to transmit the secret to a designated digital device upon 
receipt of a user instruction. 
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Suitably, the personal communication device is configured 
whereby upon receipt of a request for a secret from the 
personal communication device, the personal communication 
device requests confirmation from a user that the secret 
5 can be provided and transmits the secret only if the 
confirmation is provided by the user. Suitably, the 
confirmation comprises the user providing a secret . 
Suitably, the personal communication device is configured 
whereby upon receipt of a request for a secret, the 

10 personal communication device indicates to the user that a 
request for a secret has been received- Suitably, the 
indication comprises providing an audible signal. 
Suitably, the indication comprises providing a visual 
signal. Suitably, the personal communication device is 

15 configured whereby the user is provided with a selection 
of options of which at least one is to approve the request 
by selecting the relevant option. 

Suitably, the memory stores a plurality of secrets and the 
20 personal communication device is configured to provide a 
user with a plurality of secrets from which to select the 
secret to be transmitted* 

Suitably, the personal communication device comprises a 
25 cellular communication device. Suitably, the personal 
communication device comprises a cellular telephone for 
voice calls. 

The present invention can be particularly beneficial 
30 because it enables a cellular mobile phone to transmit a 
secret stored on-board to a non- cellular device to enable 
the latter to perform a function, such as permitting user 
log-on or to complete a transaction. 
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Mobile phones are regarded as everyday personal items by 
their users who, as a rule, are used to treating them as 
valuable objects. Mobile phones are already provided with 
5 security devices such as Personal Identification Numbers 
(PIN) to prevent unauthorised access. Other biometric 
(e.g. fingerprint) security devices can be used if 
desired. Further, if the secrets are stored in the 
Subscriber Identity Module (SIM) card, they are 
10 transportable from phone to phone. 

The present invention will now be described, by way of 
example only, with reference to the drawings that follow; 
in which: 

15 

Figure 1 is a diagram illustrating a first embodiment of 
the present invention. 

Figure 2 is a functional flow diagram illustrating part of 
20 the operation of an embodiment of the present invention. 

Figure 3 is a functional flow diagram illustrating another 
part of the operation of an embodiment of the present 
invention corresponding to Figure 2 . 

25 

Referring to Figure 1 of the drawings that follow, there 
is shown schematically a cellular digital mobile phone 2, 
being a personal communication device, comprising as is 
well known a radio transmitter 4, a radio receiver 6, a 
30 microprocessor 8 (including Random Access Memory (RAM) ) 
and a SIM card 10. The phone 2 includes a liquid crystal 
display screen 12 and an alphanumeric keypad 14 as is well 
known in the art. 
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Also shown in Figure 1 is a digital personal computer (PC) 
16 comprising a PC modem 18 and a PC microprocessor 20. 

5 Mobile phone 2 can establish radio communication with a 
cellular base station 22 via its radio transmitter 4 and 
receiver 6. Cellular base station 22 can establish 
communication with PC 16 via PC modem 18 using Wireless 
Application Protocol (WAP) . 

10 

Operation of the system shown in Figure 1 will now be 
described with reference to Figure 2 of the drawings that 
follow using the example of a user 24 wishing to obtain 
and use a secret password to log on to their PC 16. 

15 

First the user 24 needs to obtain their password. To do 
so the mobile phone 2 and the PC 16 establish wireless 
communication with each other in step 100* This can be 
either by the user 24 instructing the mobile phone 2 to 
20 contact the PC 16 for a password or the PC 16 contacting 
the mobile phone 2 to provide a password. 

Upon communication being established, the user 24 has a 
password downloaded to their mobile phone 2 in step 102, 
25 In this case it is the password for access to the PC 16. 
Generally this will be associated with a user name as is 
well known in the art. 

The password is then stored in the mobile phone 2 in step 
30 104. The password can be stored in the memory of 
microprocessor 8 or in the SIM card 10. 
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The user 24 then in step 106 allocates to the password a 
quick reference descriptor using the alphanumeric keypad 
14 on the mobile phone 2. For instance the descriptor in 
this case may be u W0RK PC PASSWORD" . 

Referring now to Figure 3 of the drawings that follow, use 
of the mobile phone 2 to access the PC 16 will now be 
described. 

The user first notifies the PC 16 that he/she wishes to 
log on in step 200. Typically to do so the user will 
enter their user name in to the PC 16. The PC log on 
protocol is modified to require or permit password input 
from the user's mobile phone 2. At step 202, the PC then 
requests that the user's password be entered. The PC 16 
establishes in step 204 communication with the mobile 
phone 2 by the calling the number of the mobile phone 2 
from a look-up table. Alternatively, the user 24 can be 
prompted by the PC 16 to establish communication with the 
PC 16 from their mobile phone 2. 

The user 24 is then in step 206 notified by an audible 
signal from their mobile phone 2 combined with an on- 
screen message on their mobile phone 2 that the PC 
password is being requested. Simultaneously a list of 
available passwords or other secrets in the mobile phone 2 
is presented to the user on the screen 12 of the mobile 
phone 2 as a scroll down list. The passwords and other 
secrets are displayed by their quick reference descriptor 
titles. 

In this case the user 24 selects "WORK PC PASSWORD" in 
step 208 and presses the "send" (or some other 
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confirmatory) button on the mobile phone 2 in step 210. 
The PC digital password is then transmitted from the 
mobile phone to the PC 16 in step 212 via the cellular 
network. Upon receipt the PC 16 verifies the password (in 
5 step 214) and permits access (i.e. allows user log on) to 
the PC by the user 24 if the password is correct in step 
216. If the password is incorrect, access is denied (step 
218) , a corresponding message is displayed on the PC 16 
and transmitted by the PC 16 for display on the mobile 
10 phone screen 12 . 

As an option the user 24 may select that some or all of 
the secrets on the mobile phone 2 are transmitted 
automatically without the need for a confirmatory step by 

15 the user. In that case upon request from an external 
source, the mobile phone 2 will automatically provide the 
requested secret. Alternatively, the user 24 may transmit 
a secret upon request to a designated digital device, the 
device being designated by a number in the telephone 

20 network. 

The password stored in the mobile phone can be encrypted. 
There are two reasons for encryption. The first is to 
prevent the password being made available to a thief . In 

25 this case the user must enter a password or other secret 
(typically via the keypad 14) before the password is 
transmitted. The password is verified by the mobile phone 
2 before transmitting the secret. The second reason is to 
prevent the password from being made available to an 

30 eavesdropper. In this case the PC 16 sends a challenge, 
typically a digital key, which the mobile phone 2 uses to 
encrypt the password and send it to the PC 16 which 
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decrypts the encrypted password. A nonce is used to 
prevent a reply attack. 

The system described above is implemented using the 
Wireless Application Protocol (WAP) . 

The password may come from other sources. For instance 
the user 24 may be provided with the password already 
stored on a SIM 10 supplied with their phone or provided 
subsequently. Alternatively a secret may be loaded on to 
the phone by a trusted third party. if the user 24 
downloads their own password there may be a requirement 
for them to be supervised to prevent mis-use. 

Other examples of secrets that may be stored on the mobile 
phone are: public keys (for a public key infrastructure), 
symmetric keys such as a DES key, a PIN etc. 

The present method, system and device can be used in other 
applications. For instance, if a bank wishes to confirm a 
transaction with a customer (here the user 24), it can 
send a message to the customer for instance using the 
Short Messaging Service (SMS) giving details of the 
transaction and requesting an authentication from the 
customer which he/she can provide in the form of a secret. 

Whilst in preferred embodiments of the present invention 
all communication between the personal communication 
device and the digital device is using the cellular 
network, additional communication channels can be used 
such as infra-red communication. 
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The personal communication device may keep a log of all 
requests as a personal audit trail. 

While the term password is used in this description, it 
5 need not be a word. It can be a key. 

The reader's attention is directed to all papers and 
documents which are filed concurrently with or previous to 
this specification in connection with this application and 
10 which are open to public inspection with this 
specification, and the contents of all such papers and 
documents are incorporated herein by reference* 

All of the features disclosed in this specification 
15 (including any accompanying claims, abstract and 
drawings) , and/or all of the steps of any method or 
process so disclosed, may be combined in any combination, 
except combinations where at least some of such features 
and/or steps are mutually exclusive. 

20 

Each feature disclosed in this specification (including 
any accompanying claims, abstract and drawings) , may be 
replaced by alternative features serving the same, 
equivalent or similar purpose, unless expressly stated 
25 otherwise. Thus, unless expressly stated otherwise, each 
feature disclosed is one example only of a generic series 
of equivalent or similar features. 

The invention is not restricted to the details of the 
3 0 foregoing embodiment ( s ) . The invention extend to any novel 
one, or any novel combination, of the features disclosed 
in this specification (including any accompanying claims, 
abstract and drawings) , or to any novel one, or any novel 



13 



combination, of the steps of any method or process 
disclosed. 
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Claims 

1. A communication method comprising a personal 
communication device, the personal communication 
device comprising a memory in which is stored a 
secret, and a digital device capable of communication 
with the personal communication device, the method 
comprising the steps of establishing communication 
between the personal communication device and the 
digital device, and providing the secret from the 
personal communication device to the digital device. 

2. A communication method according to claim 1, in which 
the communication established is wireless 
communication. 

3 . A communication method according to claim 1 or claim 
2, in which the secret is encrypted in the memory and 
the method includes the step of decrypting the secret. 

4. A communication method according to claim 3, in which 
the secret is encrypted according to a key provided by 
the digital device . 

5. A communication method according to any preceding 
claim, in which the method comprises the step of 
providing the secret to a designated digital device 
upon a user request. 

6. A communication method according to any preceding 
claim, in which the method further comprises the steps 
of the digital device requesting a secret from the 
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personal communication device, the personal 
communication device requesting conf irmation from a 
user that the secret can be provided and providing the 
secret to the digital device only if the confirmation 
5 is provided by the user. 

7 . A communication method according to claim 6, in which 
the confirmation comprises the user providing a secret. 

10 8 . A communication method according to claim 6 or claim 
7, in which the requesting step comprises the digital 
device and the personal communication device 
establishing contact with each other and the personal 
communication device indicating to the user that a 

15 request for a secret has been received. 

9. A communication method according to claim 8, in which 
the indicating step comprises providing an audible 
signal . 

20 

10. A communication method according to claim 8, in which 
the indicating step comprises providing a visual 
signal . 

25 11. A communication method according to any one of claims 
6 to 10, in which the requesting step comprises 
providing to the user a selection of options of which 
at least one is to approve the request by selecting 
the relevant option. 

30 

12. A communication method according to any preceding 
claim, in which the memory stores a plurality of 
secrets and the method further comprises the step of 
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the personal communication device providing a user 
with a plurality of secrets from which to select the 
secret to be provided to the digital device . 

5 13 . A communication method according to any preceding 
claim, in which the personal communication device 
comprises a cellular communication device. 

14 . A communication method according to claim 13, in 
10 which the personal communication device comprises a 

cellular telephone for voice calls. 



15 . A communication method according to any preceding 
claim, in which the digital device is a non- cellular 
15 device. 



16. A communication method according to claim 15, in 
which the digital device comprises a modem for 
communication with the personal communication device. 

20 

17 . A communication system comprising a personal 
communication device, the personal communication 
device comprising a memory in which is stored a 
secret, and a digital device capable of communication 

25 with the personal communication device, the personal 

communication device being configured to transmit the 
secret when instructed to do so. 

18. A communication system according to claim 17, in which 
3 0 the communication capable of being established between 

the personal communication device and the digital 
device is wireless communication. 
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19* A communication system according to claim 17 or claim 
18, in which the secret is encrypted in the memory and 
the digital device is capable of decrypting the 
secret . 

20. A communication system according to claim 19, in which 
the secret is encrypted according to a key provided by 
the digital device. 

21. A communication system according to any one of claims 
17 to20, in which the personal communication device is 
configured whereby the secret is transmitted to a 
designated digital device upon receipt of a user 
instruction. 

22. A communication system according to any one of claims 
16 to 20 , in which the personal communication device 
is configured whereby upon the digital device 
requesting a secret from the personal communication 
device, the personal communication device requests 
confirmation from a user that the secret can be 
provided and provides the secret to the digital device 
only if the confirmation is provided by the user. 

23. A communication system according to claim 22, in which 
the confirmation comprises the user providing a 
secret . 

24. A communication system according to claim22 or claim 
23, in which to request the secret, the digital device 
is configured to establish contact with the personal 
communication device and the personal communication 
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device is configured to indicate to the user that a 
request for a secret has been received. 

25. A communication system according to claim24 , in which 
5 the indication comprises providing an audible signal. 

26. A communication system according to claim24, in which 
the indication comprises providing a visual signal. 

10 27* A communication system according to any one of claims 
22 to26, in which the personal communication device is 
configured whereby upon receipt of the request the 
personal communication device provides to the user a 
selection of options of which at least one is to 

15 approve the request by selecting the relevant option . 

28* A communication system according to any one of claims 
17 to27, in which the memory stores a plurality of 
secrets and the personal communication device is 
20 configured to provide a user with a plurality of 

secrets from which to select the secret to be provided 
to the digital device. 

29. A communication system according to any one of claims 
25 17 to28, in which the personal communication device 

comprises a cellular communication device. 

30. A communication system according to claim29, in which 
the personal communication device comprises a cellular 

30 telephone for voice calls. 
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A communication system according to any one of claims 
17 to3 0, in which the digital device is a non-cellular 
device . 

A communication system according to claim 29, in which 
the digital device comprises a modem for communication 
with the personal communication device. 

A personal communication device, the personal 
communication device comprising a memory in which is 
stored a secret, the personal communication device 
being configured to transmit the secret to a digital 
device when instructed to do so. 

A personal communication device according to claim33, 
in which the transmission is by wireless 
communication . 

A personal communication device according to claim 31 
or claim34, in which the secret is encrypted in the 
memory . 

A personal communication device according to claim 35, 
in which the secret is encrypted according to a key 
provided by the digital device. 

A personal communication device according to any one 
of claims 33 to36, in which the personal communication 
device is configured to transmit the secret to a 
designated digital device upon receipt of a user 
instruction. 
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38. A personal communication device according to any one 
of claims 33 to37, in which the personal communication 
device is configured whereby upon receipt of a request 
for a secret from the personal communication device, 
5 the personal communication device requests 

confirmation from a user that the secret can be 
provided and transmits the secret only if the 
confirmation is provided by the user. 

10 39. A personal communication device according to claim 38, 
in which the confirmation comprises the user providing 
a secret . 



40. A personal communication device according to claim or 
15 claim 39, in which the personal communication device 

is configured whereby upon receipt of a request for a 
secret, the personal communication device indicates to 
the user that a request for a secret has been 
received. 

20 

41. A personal communication device according to claim40, 
in which the indication comprises providing an audible 
signal . 



25 42. A personal communication device according to claim40, 
in which the indication comprises providing a visual 
signal . 

43 . A personal communication device according to any one 
30 of claims 38 to42, in which the personal communication 

device is configured whereby the user is provided with 
a selection of options of which at least one is to 
approve the request by selecting the relevant option. 



A personal communication device according to any one 
of claims 33 to43 # in which the memory stores a 
plurality of secrets and the personal communication 
device is configured to provide a user with a 
plurality of secrets from which to select the secret 
to be transmitted. 

A personal communication device according to any one 
of claims 33 to44, in which the personal communication 
device comprises a cellular communication device. 

A personal communication device according to claim45, 
in which the personal communication device comprises a 
cellular telephone for voice calls. 

A communication method substantially as described 
herein, with reference to the drawings that follow. 

A communication system substantially as described 
herein, with reference to the drawings that follow. 

A personal communication device substantially as 
described herein, with reference to the drawings that 
follow. 
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